DOI QR코드

DOI QR Code

A Partial Encryption Method for the Efficiency and the Security Enhancement of Massive Data Transmission in the Cloud Environment

클라우드 환경에서의 대용량 데이터 전송의 효율성과 보안성 강화를 위한 부분 암호화 방법

  • 조성한 (가천대학교 IT융합공학과) ;
  • 한기태 (가천대학교 컴퓨터공학과)
  • Received : 2017.07.04
  • Accepted : 2017.08.07
  • Published : 2017.09.30

Abstract

In case of using the existing encrypted algorithm for massive data encryption service under the cloud environment, the problem that requires much time in data encryption come to the fore. To make up for this weakness, a partial encryption method is used generally. However, the existing partial encryption method has a disadvantage that the encrypted data can be inferred due to the remaining area that is not encrypted. This study proposes a partial encryption method of increasing the encryption speed and complying with the security standard in order to solve this demerit. The proposed method consists of 3 processes such as header formation, partial encryption and block shuffle. In step 1 Header formation process, header data necessary for the algorithm are generated. In step 2 Partial encryption process, a part of data is encrypted, using LEA (Lightweight Encryption Algorithm), and all data are transformed with XOR of data in the unencrypted part and the block generated in the encryption process. In step 3 Block shuffle process, the blocks are mixed, using the shuffle data stored with the random arrangement form in the header to carry out encryption by transforming the data into an unrecognizable form. As a result of the implementation of the proposed method, applying it to a mobile device, all the encrypted data were transformed into an unrecognizable form, so the data could not be inferred, and the data could not be restored without the encryption key. It was confirmed that the proposed method could make prompt treatment possible in encrypting mass data since the encryption speed is improved by approximately 273% or so compared to LEA which is Lightweight Encryption Algorithm.

클라우드 환경에서의 대용량 암호화 데이터 서비스를 위하여 기존의 암호화 알고리즘을 사용할 경우 데이터 암호화에 많은 시간 소요의 문제점이 대두된다. 이러한 단점을 보완하기 위해 일반적으로 부분 암호화 방법을 사용한다. 그러나 기존의 부분 암호화 방법은 암호화되지 않은 잔존 영역으로 인해 암호화된 데이터를 유추할 수 있다는 단점이 존재한다. 본 논문에서는 이러한 단점을 해결하기 위해 암호화 속도를 높이면서 보안을 준수하는 부분 암호화 방법을 제안한다. 제안하는 방법은 헤더 생성, 부분 암호화, 블록 셔플의 과정으로 구성된다. 1단계 헤더 생성 과정에서는 알고리즘에 필요한 헤더 데이터를 생성하고 2단계 부분 암호화 과정에서는 LEA (Lightweight Encryption Algorithm)를 이용하여 데이터의 일부분을 암호화하고 암호화하지 않은 부분의 데이터와 암호화 과정 중에 생성된 블록을 XOR하여 모든 데이터를 변형시키며, 3단계 블록 셔플 과정에서는 헤더에 저장한 셔플 데이터를 이용하여 블록을 섞어 데이터를 알아볼 수 없는 형태로 바꾸어 암호화를 수행한다. 제안하는 방법을 모바일 디바이스에 적용하여 구현한 결과 암호화한 데이터는 알아볼 수 없는 형태로 모두 바뀌어 데이터를 유추할 수 없었고, 암호 키 없이는 데이터를 복원할 수 없었다. 제안하는 방법은 블록 경량 암호화 알고리즘인 LEA에 비해 암호화 속도가 약 273% 정도 향상되어 대용량 데이터를 암호화하는데 있어 빠른 처리가 가능함을 확인하였다.

Keywords

References

  1. H. Lee, "Smart home based internet of thing," The Journal of the Korean Institute of Communication Sciences, Vol. 32, No.4, pp.44-49, 2015.
  2. Kyungsu Park, Jieun Eom, Jeongsu Park, and Donghoon Lee, "Secure and Efficient Client-side Deduplication for Cloud Storage," Journal of the Korea Institute of Information Security & Crytology, Vol.25, No.1, pp.83-94, 2015. https://doi.org/10.13089/JKIISC.2015.25.1.83
  3. SeongMin Cho and Hoon Lee, "A Countermeasure against the Abatement Attack to the Security Server," Journal of the Korea Institute of Information and Communication Engineering, Vol.20, No.1, pp.94-102, 2016. https://doi.org/10.6109/jkiice.2016.20.1.94
  4. Jaehoon Kim and Hojin Seo, "Vulnerability Analysis of Authentication in Encryption Key Backup Using Personal Cloud Storage : Focus on Case Studies," Journal of Korean Institute of Information Technology, Vol.15, No.5, pp.121-129, 2016.
  5. H. Kwon, D. Jeong, B. Jeong, and J. Kim, "Cloud security overview," The Journal of The Korean Institute of Communication Sciences, Vol.32, No.10, pp.71-76, 2015.
  6. E. S. Jeong, B. H. Kim, and D. H. Lee, "A generic partial encryption scheme for low-power mobile devices," MultiMedia Tools and Applications, Vol.72, pp.2087-2106, 2014. https://doi.org/10.1007/s11042-013-1389-9
  7. A. Moumen, M. Bouye, and H. Sissaoui, "New secure partial encryption method for medical images," Nonlinear Dynamics, Vol.82, pp.1475-1482, 2015. https://doi.org/10.1007/s11071-015-2253-4
  8. H. Kim and S. Hwang, "A Study on Application of Efficient Partial Encryption Technique on USB Memory," The Institute of Electronics Engineers of Korea Fall Conference, pp.632- 635, 2009.
  9. K. Kim and S. Nam, "Partial encryption algorithm based on block cipher algorithm," Proceedings of the 33th KSII Spring Conference, pp.119-120, 2016.
  10. D. Hong, J. K. Lee, D. C. Kim, D. Kwon, K. H. Ryu, and D. G. Lee, "LEA : A 128-Bit Block Cipher for Fast Encryption on Common Processors," WISA 2013: Information Security Applications, pp.3-27, 2014.
  11. J. Deamen and V. Rijmen, "Advanced Encryption Standard (AES)," Federal Information Processing Standards Publication, 197, 2001.
  12. D. Hong, J. Sung, S. Hong, J. Lim, S. Lee, B. S. Koo, C. Lee, D. Chang, J. Lee, K. Jeong, H. Kim, J. Kim, and S. Chee, "HIGHT : A New Block Cipher Suitable for Low-Resource Device," Cryptographic Hardware and Embedded Systems, pp.49-59, 2006.
  13. S. Moon, M. Kim, and T. Kwon, "Lightweight cryptographic technology trends for IoT communication environment," The Journal of The Korean Institute of Communication Sciences, Vol.33, No.3, pp.80-86, 2016.
  14. KISA [Internet], https://seed.kisa.or.kr/.